S3D Research Wins Best Paper at IJCAI 2024 AISafety Workshop
By Aaron Aupperlee
Research from the Software and Society Systems Department (S3D) recently received the best paper award from the International Joint Conference on Artificial Intelligence’s (IJCAI) 2024 AISafety Workshop.
“Hyper-Parameter Tuning for Adversarially Robust Models” was authored by Pedro Mendes, an S3D Ph.D. student in Carnegie Mellon University’s dual degree program with the Instituto Superior Técnico (IST) at the University of Lisbon, Portugal; Paolo Romano, an associate professor at the IST; and David Garlan, a professor in CMU’s School of Computer Science. The paper focuses on the problem of hyper-parameter tuning (HPT) for adversarially trained models and sheds light on the new challenges and opportunities arising during the HPT process for robust models while proposing novel techniques to reduce costs. The researchers conducted an extensive experimental study based on three popular models or datasets widely used to evaluate adversarial training (AT) methods. The paper also shows that it is possible to leverage cheap AT methods to obtain inexpensive, yet highly correlated, estimations of the quality achievable using more robust or expensive methods. This novel approach, combined with a recent multi-fidelity optimizer, significantly enhances the efficiency of the HPT process.
The work will help reduce cost and barriers to improving machine learning models through training that makes them robust against certain adversarial attacks.
The AISafety Workshop, held on Aug. 4 during IJCAI’s annual meeting in Jeju, South Korea, sought to explore new ideas on safety engineering and broader strategic, ethical and policy aspects of safety-critical AI-based systems. IJCAI is a premier international gathering of AI researchers.